CLAIMS 



What is claimed is: 



1. A method for integrating a digital signature service into a
database, said method comprising the steps of:

receiving data, from a client of said database, for storage in a database
record;

receiving a digital certificate for said client;

generating a signature from said data;

generating a signature object for said data, said digital signature object
comprising said data, certificate and signature; and

storing said signature object as at least a portion of a record in said
database.



2. The method as set forth in claim 1, further comprising the steps
of:

receiving a query command from said user to retrieve said data from said
record of said database table;

retrieving, in response to said query command, said data, certificate and
signature for said user;

processing said data and said certificate, using said signature, to verify
that said data and said certificate are unaltered from their original contents;

obtaining, from said certificate, an authentication as to the digital
signatory; and

generating, as a response to said query command, said data, so as to
provide verification of said data with said signature and said certificate in
response to said query.



3. The method as set forth in claim 2, further comprising the steps
of:

receiving, as said query command, a query command to retrieve at least
one record in said database comprising criteria based on digital signatures stored
for said records;

identifying records in said database with said criteria regarding said
digital signatures; and

retrieving said records identified in response to said query command.

4. The method as set forth in claim 3, further comprising the steps
of:

extracting, from said records retrieved, data, certificate and signature
stored in said record;

processing said data and said certificate, using said signature, to verify
that said data and said certificate are unaltered from their original contents;

obtaining, from said certificate, an authentication as to the digital
signatory of said data; and

generating, as a response to said query command, said data, so as to
provide verification of said data with said signature and said certificate in
response to said query.



5. The method as set forth in claim 1, wherein:

the step of generating a digital signature for said data comprises the
step of generating a single signature object comprising said certificate, said
signature; and

the step of storing said document, certificate and signature as at least a
portion of a record in said database comprises the step of storing said single
signature object in said record of said database.



6. The method as set forth in claim 5, wherein the step of
generating a single signature object comprises the step of generating a serialized
object comprising said certificate, said document, and said signature.



7. The method as set forth in claim 1, further comprising the step of
storing said certificate of said user in a column of said database table.



8. The method as set forth in claim 7, wherein the step of storing
said certificate of said user in a column of said database table comprises the step
of augmenting a user identification field to include said certificate of said user.



9. The method as set forth in claim 1, further comprising the steps
of:

receiving a second digital certificate for a second client;

retrieving said signature object from said record in said database as a
first signature object;

generating a second signature from said first signature object with said
second client as a signatory;

generating a second signature object, said second signature object
comprising said first signature object, said second certificate, and said second
signature; and

storing, in said database, said second signature object.



10. The method as set forth in claim 9, further comprising the steps
of:

receiving a query command to retrieve said second signature object from
said record of said database table;

retrieving, in response to said query command, said second signature
object for said user;

processing said first signature object and said second certificate, using
said second signature, to verify that said first signature object and said second
certificate are unaltered from their original contents;

processing said data and said certificate, using said signature, to verify
that said data and said certificate are unaltered from their original contents; and

generating, as a response to said query command, said data, so as to
provide verification of said first and second digital signatures.

11. A computer readable medium comprising a plurality of
instructions which, when executed by a computer, cause the computer to
perform the steps of:

receiving data, from a client of said database, for storage in a database
record;

receiving a digital certificate for said client;

generating a signature from said data;

generating a signature object for said data, said digital signature object
comprising said data, certificate and signature; and

storing said signature object as at least a portion of a record in said
database.






12. The computer readable medium as set forth in claim 11, further
comprising the steps of:

receiving a query command from said user to retrieve said data from said
record of said database table;

retrieving, in response to said query command, said data, certificate and
signature for said user;

processing said data and said certificate, using said signature, to verify
that said data and said certificate are unaltered from their original contents;

obtaining, from said certificate, an authentication as to the digital
signatory; and

generating, as a response to said query command, said data, so as to
provide verification of said data with said signature and said certificate in
response to said query.

13. The computer readable medium as set forth in claim 12, further
comprising the steps of:

receiving, as said query command, a query command to retrieve at least
one record in said database comprising criteria based on digital signatures stored
for said records;

identifying records in said database with said criteria regarding said
digital signatures; and

retrieving said records identified in response to said query command.



14. The computer readable medium as set forth in claim 13, further
comprising the steps of:

extracting, from said records retrieved, data, certificate and signature
stored in said record;

processing said data and said certificate, using said signature, to verify
that said data and said certificate are unaltered from their original contents;

obtaining, from said certificate, an authentication as to the digital
signatory of said data; and

generating, as a response to said query command, said data, so as to
provide verification of said data with said signature and said certificate in
response to said query.



15. The computer readable medium as set forth in claim 11, wherein:

the step of generating a digital signature for said data comprises the step
of generating a single signature object comprising said certificate, said
document, and said digital signature; and

the step of storing said document, certificate and signature as at least a
portion of a record in said database comprises the step of storing said single
signature object in said record of said database.



16. The computer readable medium as set forth in claim 15, wherein
the step of generating a single signature object comprises the step of generating
a serialized object comprising said certificate, said document, and said
signature.




17. The computer readable medium as set forth in claim 11, further
comprising the step of storing said certificate of said user in a column of said
database table.



18. The computer readable medium as set forth in claim 17, wherein
the step of storing said certificate of said user in a column of said database table
comprises the step of augmenting a user identification field to include said
certificate of said user.



19. The computer readable medium as set forth in claim 11, further
comprising the steps of:

receiving a second digital certificate for a second client;

retrieving said signature object from said record in said database as a
first signature object;

generating a second signature from said first signature object with said
second client as a signatory;

generating a second signature object, said second signature object
comprising said first signature object, said second certificate, and said second
signature; and

storing, in said database, said second signature object.

20. The computer readable medium as set forth in claim 19, further
comprising the steps of:

receiving a query command to retrieve said second signature object from
said record of said database table;

retrieving, in response to said query command, said second signature
object for said user;

processing said first signature object and said second certificate, using
said second signature, to verify that said first signature object and said second
certificate are unaltered from their original contents;

processing said data and said certificate, using said signature, to verify
that said data and said certificate are unaltered from their original contents; and

generating, as a response to said query command, said data, so as to provide
verification of said first and second digital signatures.



21. A computer comprising:

an input device for receiving a digital certificate for a user of said
computer;

a database client for generating data for storage in a database record;

a database management system, coupled to said database client, for
generating a signature from said data, said database management system further
for generating a signature object for said data, said digital signature object
comprising said data, certificate and signature; and

a database, coupled to said database management system, comprising a
plurality of records for storing said signature object as at least a portion of a



Attorney Docket No.: ODSY P004
Express Mail Label No.: EL497530680US







